GENWiki

Premier IT Outsourcing and Support Services within the UK

User Tools

Site Tools


archive:bbs:dirtydzn

THE DIRTY DOZEN – An Uploaded Program Alert List

—————————————————————————-

—————————————————————————-

Recently, many unlawfully copied or modified programs have appeared on various IBM PC bulletin boards across the country. THE DIRTY DOZEN is a list of known examples.

IMPORTANT NOTE: the author takes no responsibility for the validity or completeness of this list. Many sources contribute to the list, and it is very possible that one of the reported 'dirty' files works perfectly and is in the Public Domain. I will try to '*' asterisk any programs what I feel are not positively 'bad,' but all the same, it is quite possible that a mistake will slip in somewhere. Since this is the case, please keep in mind while reading this list that however unlikely, it is possible that I or my sources are incorrect in our accusations. Please also bear in mind that the dirty dozen list has not yet falsely accused a Public Domain program of being pirated, or a well working program of all existing bad software into one list. Everyday users upload bad software to hundreds of boards, and often times the software is not yet in this list. In other words, if you run a trojan horse that I did not list in here, don't call my board up call up and leave me a message so that I can get the destructive program in the next issue. If anyone is unsure whether a file is trojan, and it's not listed in here, then I recommend using a utility like BOMBSQAD.COM to prevent any mishaps.

There are four major categories of bad software: commercial pirate jobs, unauthorized copies of otherwise legitimate freeware programs, malicious "TROJAN" programs which damage your system, and miscellaneous illegal software. Please look in the definitions section of this document for a more detailed explanation of these terms.

SysOps: Please be careful with the files you post in your download libraries! An professional quality uploaded game or disk utility should arouse your suspicions, especially if it doesn't include the author's name, address, and distribution policy. Such programs are probably NOT public domain! The BBS community is already under legislative threat at the State and Federal level. We cannot fight this trend effectively while our directories sit stocked with cracked Sega games, wargames dialers, and malicious "trojan horses!" Let's demonstrate a little social responsibility by cleaning up our download libraries. If you as a SysOp have any of these files on your system, please delete them and post "blocking" dummy file entries like this one:

      ZAXXON.COM        DELETED!! NOT PUBLIC DOMAIN!!
                         

If everyone works together to fight this new brand of software, the growing numbers of piraters and trojan horse writers may well be put 'out of business!'

The idea behind THE DIRTY DOZEN is to bring this important issue to the attention of more SysOps and users - to act as an information "clearing - house" for the latest known examples of "bogusware," so that an educated public can fight effectively for safe downloadable files.

   
The Dirty Dozen is a big project, and it needs your help to succeed!

Please call in any updates of bad software that you know of, but DO NOT modify this article yourself. If everyone who discovers a pirated program starts modifying the DD, there would be hundreds of issues in circulation. Also, I think it's quite unfair, especially considerig that I've spent over a hundred hours of my time on this list, for just anyone to put their name at the top of the list and say that they write, or helped write, the DD. For example, someone named Gerhard Barth added two files, both of which were already listed in the DD, and proceeded to write "Updated by Gerhard Barth, please send all further updates to Gerhard Barth," etc. If everyone does this, how will anyone know which file is the latest and TRUE Dirty Dozen? If you have an update, please see the end of this article for information on how to reach me with new information.

A user of mine has notified me that some pirates have patched HARDHAT.COM and PANGO.COM to read "cracked by Eric Newhouse." This is ridiculous! Please disregard any programs that you may come across in the future advertising "copy protection busted by Eric Newhouse, " or the like. This is just one more way that pirates are trying to get me to stop publishing this list!

A word on TROJANS: I have been hearing more and more reports of these "worm" programs, from all directions. While I don't doubt their existence, do not get hysterical. Remember, a Trojan rumor is much easier to START than it is to STOP. Some people have accused legitimate *joke* programs, like DRAIN (which pretends to be gurgling excess water out of your A drive) of being "killers." If a program locks up your system, it isn't necessarily Trojan; it might not like co-residing with Superkey, or your graphics card. Ask around a little before you announce something as Trojan. I would appreciate a bagged specimen of any real Trojan program that you might have the (un)luck to find.

A word on Pirated programs: Recently many pirated programs such as AUTODEX have been going under many different names. Although I will try to keep all these names current in the DD, the best way to check for piracy in a file is to run that file yourself – checking for (C)opyright notices of commercial manufactures, similarities in looks and operations of commercial programs, and of course whether the name is in this list.

Finally I want to thank all BBS SysOps and users that notified me of

updates, additions, and/or corrections to DIRTYDOZ.006. It's great to see so much support! In this issue more people than ever called in with updates. Everyone else who reads this list, along with myself, really appreciates the effort!

DEFINITIONS:

  HACKED    An unlawfully modified copy of an otherwise legitimate
            public domain or user-supported program.  It is illegal to
            distribute a modified copy of someone else's work without
            their permission!  All modified programs must contain this
            permission, either in the program's display or documentation.
  • TROJAN* BEWARE!! These programs PURPOSEFULLY damage a user's system

upon their invokation. Usually they aim to disable hard disks,

            although they can destroy other equipment too.  It is IMPERATIVE
            that you let me know about any new examples of these that you
            find.
  PIRATED   This is an illegal copy of a commercial program product.
            Examples: a cracked (de-protected) game, an accidentally
            or deliberately distributed compiler, editor or utility;
            sometimes a Beta test copy of a program under development,
            handed out by a disgruntled employee or dishonest beta
            tester.  In the latter case, the program in question may
            never make it to market due to the piracy!  In the case of games,
            there's a tendency for the pirate to patch a clumsy
            "PUBLIC DOMAIN" notice over top of the original copyright.
            ZAXXON.COM is a prime example.
  MISC      This is miscellaneous illegal software and/or text.
            The best definition, aside from that, that I can think of
            is that it's NOT pirated software.

NOTE: If I do not supply a file extension, that means that the file circulates under many different extensions. For instance, users commonly upload with extensions of either: .EXE, .COM, .EQE, .CQM, .LBR, .LQR, and .ARC.


TROJAN HORSE PROGRAMS:

—————————————————————————-

Name Category Notes ————– ——– ————————————————- ANTI-PCB *TROJAN* The story behind this trojan horse is sickening.

                          Apparently one RBBS-PC sysop and one PC-BOARD
                          sysop started feuding about which BBS system
                          is better, and in the end the PC-BOARD sysop
                          wrote a trojan and uploaded it to the rbbs
                          SysOp under ANTI-PCB.COM.  Of course the RBBS-PC
                          SysOp ran it, and that led to quite a few
                          accusations and a big mess in general.  Let's grow
                          up!  Every SysOp has the right to run the type of
                          BBS that they please, and the fact that a SysOp
                          actually wrote a trojan intended for another
                          simply blows my mind.

ARC513.EXE *TROJAN* This hacked version of arc appears normal, so

                          beware!  It will write over track 0 of your
                          [hard] disk upon usage, destroying the disk.

ARC514.COM *TROJAN* This is totally similar to arc version 5.13 in that

                          it will overwrite track 0 (FAT Table) of your hard
                          disk.  Also, I have yet to see an .EXE version
                          of this program..

BACKTALK *TROJAN* This program used to be a good PD utility,

                          but some one changed it to be trojan.
                          Now this program will write/destroy sectors
                          on your [hard] disk drive.  Use this with caution
                          if you acquire it, because it's more than likely
                          that you got a bad copy.

CDIR.COM *TROJAN* This program is supposed to give you a color

                          directory of files on disk, but it in fact
                          will scramble your disks FAT table.

DANCERS.BAS *TROJAN* This trojan shows some animated dancers in color,

                          and then proceeds to wipe out your [hard] disk's
                          FAT table.  There is another perfectly good copy
                          of DANCERS.BAS on BBS's around the country;
                          apparently the idiot author in question altered
                          a legitimate program to do his dirty work.

DISKSCAN.EXE *TROJAN* This was a PC-MAGAZINE program to scan a (hard) disk

                          for bad sectors, but then a joker edited it to
                          WRITE bad sectors.  Also look for this under other
                          names such as SCANBAD.EXE and BADDISK.EXE...

DMASTER *TROJAN* This is yet another FAT scrambler.. DOSKNOWS.EXE *TROJAN* I'm still tracking this one down – apparently

                          someone wrote a FAT killer and renamed it
                          DOSKNOWS.EXE, so it would be confused with the
                          real, harmless DOSKNOWS system-status utility.
                          All I know for sure is that the REAL DOSKNOWS.EXE
                          is 5376 bytes long.  If you see something called
                          DOSKNOWS that isn't close to that size, sound the
                          alarm.  More info on this one is welcomed -- a
                          bagged specimen especially.

DPROTECT *TROJAN* Apparently someone tampered with the original,

                          legitimate version of DPROTECT and turned
                          it into a FAT table eater.

EGABTR *TROJAN* BEWARE! Description says something like

                          "improve your EGA display," but when run it
                          deletes everything in sight and prints "Arf! Arf!
                          Got you!"

EMMCACHE *TROJAN* This is a funny trojan. The author did a good

V. 1.0                    job of writing the documentation, and on the
                          outside it looks to be a very well written
                          program.  However, after running it to install
                          69 pages of a EMS disk cache, the program
                           A) Scrambled every file that I thereafter modified
                              (changed and then wrote to disk), and
                           B) Destroyed my boot sector.
                          The program is especially dangerous because it
                          will damage many of your most used files before
                          you realize what hit you.

FILER.EXE *TROJAN* One SysOp complained a while ago that this program

                          wiped out his 20 Megabyte HD.  I'm not so
                          sure that he was correct and/or telling the
                          truth any more.  I have personally tested an
                          excellent file manager also named FILER.EXE, and
                          it worked perfectly. Also, many other SysOp's
                          have written to tell me that they have like me
                          used a FILER.EXE with no problems.  If you get a
                          program named FILER.EXE, it is probably allright,
                          but better to test it first using some security
                          measures.

FINANCE4.ARC *TROJAN* This program is not a verified trojan;

                          there is simply a file going around BBS's
                          warning that it may be trojan.  In any case,
                          execute extreme care with it.

FUTURE.BAS *TROJAN* This "program" starts out with a very nice color

                          picture (of what I don't know) and then proceeds
                          to tell you that you should be using your computer
                          for better things than games and graphics.
                          After making that point it trashes your A: drive,
                          B:, C:, D:, and so on until it has erased all
                          drives.  It does not go after the FAT alone,
                          but it also erases all of your data.  As far as I
                          know, however, it erases only one sub-directory
                          tree level deep, thus hard disk users should only
                          be seriously affected if they are in the "root"
                          directory.  I'm not sure about this on either,
                          though.

MAP *TROJAN* This is another trojan horse written by the infamous NOTROJ.COM *TROJAN* This "program" is the most sophisticated trojan

                          horse that I've seen to date.  All outward
                          appearances indicate that the program is a useful
                          utility used to FIGHT other trojan horses.
                          Actually, it is a time bomb that erases any hard
                          disk FAT table that IT can find, and at the same
                          time it warns: "another program is attempting a
                          format, can't abort!"  After erasing the FAT(s),
                          NOTROJ then proceeds to start a low level format.
                         One extra thing to note: NOTROJ only damages FULL
                          hard drives; if a hard disk is under 50% filled,
                          this program won't touch it!
                         If you are interested in reading a thorough report
                          on NOTROJ.COM, James H. Coombes has written an
                          excellent text file on the matter named NOTROJ.TXT.
                          If you have trouble finding it, you can get it from
                          my board.

TIRED *TROJAN* Another scramble the FAT trojan by Dorn W.

                           Stickle.

TSRMAP *TROJAN* This program does what it's supposed to do:

                           give a map outlining the location (in RAM) of
                           all TSR programs, but it also erases the boot
                           sector of drive "C:".

PACKDIR *TROJAN* This utility is supposed to "pack" (sort and

                          optimize) the files on a [hard] disk, but
                          apparently it scrambles FAT tables.

QUIKRBBS.COM *TROJAN* This Trojan horse advertises that it will QUIKREF *TROJAN* This ARChive contains ARC513.COM.

                          load RBBS-PC's message file into memory
                          2 times faster than normal.  What it really
                          does is copy RBBS-PC.DEF into an ASCII file
                          named HISCORES.DAT...

RCKVIDEO *TROJAN* This is another trojan that does what it's supposed

                          to do, then wipes out hard disks.  After showing
                          some simple animation of a rock star ("Madonna," I
                          think), the program will go to work on erasing
                          every file it can lay it's hands on.  After
                          about a minute of this, it will create 3 ascii
                          files that say "You are stupid to download a video
                          about rock stars," or something of the like.

SECRET.BAS *TROJAN* BEWARE!! This may be posted with a note saying

                          it doesn't seem to work, and would someone please
                          try it; when you do, it formats your disks.

SIDEWAYS.COM *TROJAN* Be careful with this trojan; there is a perfectly

                          legitimate version of SIDEWAYS.EXE circulating. Both
                          the trojan and the good SIDEWAYS advertise that they
                          can print sideways, but SIDEWAYS.COM will trash a
                          [hard] disk's boot sector instead.  The trojan
                          .COM file is about 3 KB, whereas the legitimate
                          .EXE file is about 30 KB large.

STAR.EXE *TROJAN* Beware RBBS-PC SysOps! This file puts some

                          stars on the screen while copying RBBS-PC.DEF
                          to another name that can be downloaded later!

STRIPES.EXE *TROJAN* Similar to STAR.EXE, this one draws an American

                          flag (nice touch), while it's busy copying
                          your RBBS-PC.DEF to another file (STRIPES.BQS) so
                          Bozo can log in later, download STRIPES.BQS, and
                          steal all your passwords.  Nice, huh!

TOPDOS *TROJAN* This is a simple high level [hard] disk formatter. VDIR.COM *TROJAN* This is a disk killer that Jerry Pournelle wrote

                          about in BYTE Magazine.  I have never seen it,
                          although a responsible friend of mine has.

HACKED PROGRAMS:

—————————————————————————-

'*' = not verified by program's author

—————————————————————————-

ARC.COM HACKED Someone keeps running SPACEMAKER or a similar EXE

                          squeezer on SEA, Inc.'s ARC archive program, then
                          uploading the resulting COM file to BBS's without
                          the author's permission.  SEA will NOT support the COM version -- this
                          is an unauthorized modification.

AUTOMAXX.ARC HACKED This DOS menu-making program comes with

                          documentation that is almost certainly
                          plagiarized.  Marshall Magee, author of the
                          popular AUTOMENU program, contends that the
                          AUTOMAXX documentation uses exact phrases from his
                          documentation, and if this is the case, AUTOMAXX
                          is clearly illegal.  In addition, the
                          executionable file in AUTOMAXX.ARC may also
                          be plagiarized.  For more information, please
                          contact Marshall Magee, at (404) 446-6611.

DOG102A.COM * HACKED Apparently this is a renamed early version of the DP102A.ARC utility DISKPACK.COM. One person has reported that it

                          trashed his hard disk that was formatted under
                          DOS 3.1 (2KB clusters).

LIST60 HACKED Vern Buerg's LIST 5.1, patched to read 6.0.

                         Note:  Mr. Buerg has released a legitimate version
                                6.0 of LIST.  Every legit. version will have
                                a letter in the filename (e.g. LIST60H.ARC)

LIST799 HACKED Vern Buerg's LIST 5.1, patched to read 7.99. QMDM110.ARC HACKED These hacked versions of qmodem are QMDM110A.ARC copies of 1.09, patched to read 1.10. There

                          have been rumors of a worm in 1.10, but I
                          have seen no evidence of it.  Other
                          versions are OK.

PIRATED PROGRAMS:
TYPES:
Game – some sort of game, usually of "Arcade" Quality
Util – a disk, screen, or general utility
Misc – miscellaneous, printer controllers, sound, etc.

—————————————————————————-

Program Name Type Description ———— —- ———–

1DIR.COM PIRATED Util – This is "The ONE Dir," a commercial shell

                                  sold with a Hard Disk subsystem.

21C.EXE PIRATED Game – From the IBM Game Library – blackjack ACUPAINT PIRATED Misc – PC Paint – ARC-ed file is 148,221 bytes. ALLEYCAT.COM PIRATED Util – The IBM game "Alley Cat" ALTEREGO.ARC PIRATED Game – Alter Ego game from Activision

                                 this archive file is huge -- about 450KB
                                 or so..

ARCHON.COM PIRATED Game – Electronic Art's Archon. ARTOFWAR PIRATED Game – Ancient Art of War game. AUTODEX PIRATED Util – AUTODEX, a commercial file manager AXX.EXE PIRATED Util – also AUTODEX B1-BOMB PIRATED Game – Avalon Hill's B1 Bomber BATTLE PIRATED Game – Battle Zone Game BBCHESS PIRATED Game – Blues Box Chess BC-QUEST PIRATED Game – Bc's Quest for Tires BIGMAC.ARC PIRATED Util – Also Superkey BRUCELEE PIRATED Game – Bruce Lee game BUCK PIRATED Game – Buck Rogers on Planet Zoom BURGER PIRATED Game – Burgertime BUSHIDO PIRATED Game – Karate Game BUZZBAIT PIRATED Game – Buzzard Bait CALL2ARM PIRATED Game – Call to Arms CENTIPED PIRATED Game – Be careful with this one. At least two other

                                 legitimate, PD copies of Centipede are in
                                 circulation.  There pirated one is
                                 supposedly PUBLIC DOMAIN BY ATARI.
                                 Yeah, Right.

COMMANDR.ARC PIRATED Game – Norton Commander COSMIC PIRATED Game – Cosmic Crusaders COPYRITE PIRATED Util – Really Quaid Software's COPYWRITE COPYWRIT PIRATED Util – Quaid Software's COPYWRITE again COSMIC PIRATED Game – Cosmic Crusaders game CROSFIRE.COM PIRATED Game – Cross fire game.. CRUSH-CC.ARC PIRATED Game – Crush, Crumble & Chomp Game DEB88.EXE PIRATED Misc – DeSmet "C" debugger DECATH PIRATED Game – Microsoft Decathalon DEFENDER PIRATED Game – Defender DIGGER.COM PIRATED Game – Dig Dug DIGDUG.COM PIRATED Game – Dig Dug DISKEX PIRATED Util – Disk Explorer Utility DOSHELP.EXE PIRATED Util – This is really Central Point Software's

                                  PC-tools.  One special note:  There is
                                  usually a poorly  written documentation
                                  accompanying this file.  In the
                                  documentation ERIC HSU asks for a monetary
                                  contribution to his bbs.  Well, It
                                  seems that this was a poor attempt to damage
                                  ERIC HSU's reputation; Eric is a legitimate
                                  SysOp in the Houston area.

DOSMENU PIRATED Util – INTECH'S DOSMENU - The Menu screen says "PC

                                  DOS MENU SYSTEM 5.0" Archive size is
                                  208,240 - The copyright notice is on the
                                  bottom of the screen.

DOSSHELL PIRATED Util – AUTODEX again DRL PIRATED Game – Avalon Hill's "Dnieper River Line." DIPLOMCY PIRATED Game – Avalon Hill's "Computer Diplomacy" game. EGADIAG PIRATED Util – Quadram EGA (Quad EGA+) diagnostics. EINSTIME PIRATED Util – Another pirated IBM internal utility EXPLORER.COM PIRATED Util – Quaid Software's Disk Explorer EVOLUTIO PIRATED Game – Evolution F15 PIRATED Game – F-15 Strike Eagle FILEEASE PIRATED Util – Dos Utility FILEMGR PIRATED Util – Really FILE MANAGER by Lotus Devel. Corp. FILEMAN PIRATED Util – Also FILE MANAGER. The file is 10 KBytes FINDIT PIRATED Util – IBM internal 'locate a file' utility FSDEBUG PIRATED Util – IBM's Full Screen Debug program.. GOLDCUP PIRATED Game – Gold Cup championship soccer GOLF21.ARC PIRATED Game – Golf's Best version 2.1 GREMLINS.COM PIRATED Game – Gremlins game HARDHAT.COM PIRATED Game – Hard Hat Mack HIGHORBT PIRATED Game – High Orbit (like Star Wars) HOOP.COM PIRATED Game – One-on-1 ID PIRATED Util – Persyst Ram disk software IBM21 PIRATED Game – 21c IPLTIME.COM PIRATED Util – IBM Internal Use Clock utility JBIRD PIRATED Game – Jbirds – Q-bert Game JET PIRATED Game – Jet is a flight simulator JETDRIVE.ARC PIRATED Util – JET Drive – copies files quickly JOUST PIRATED Game – Joust. Be careful, there is a 6K version KEYWORKS.ARC PIRATED Util – Keyworks macro program, usu. version 2.0 KONG PIRATED Game – Donkey Kong LIGHTNIN PIRATED Util – Can be either the cache or spell checker MACE+ PIRATED Util – Paul Mace's MACE+ utilities MACROS PIRATED Util – Again Superkey, or even Prokey MEDMAG.COM PIRATED Util – Quaid Software's Media Magician MISSLEC PIRATED Game – Missle command MONTYS.COM PIRATED Game – Montezuma's Revenge MOONBUGS PIRATED Game – Moon Bugs MS PIRATED Util – IBM internal utility. MTS PIRATED Util – IBM Multitasker that's similar to Double-Dos MULTASK PIRATED Util – Same as MTS MURDRBY# PIRATED Game – Murder by Numbers MUSICCON PIRATED Misc – Music Construction Set NFL.ARC PIRATED Game – Xor's NFL challenge. NICE PIRATED Misc – A printer Controller NODISK-A.COM PIRATED Util – Central Point software's Nokey. NORTON.COM PIRATED Util – Peter Norton's Utilities! NOVATRON PIRATED Util – Tron light cycles. ONE-ON-1 PIRATED Game – One-on-1 basketball game. PATHMIND PIRATED Util – Dos Shell PC-POOL PIRATED Game – Really PC-POOL, commercial game PC-TOOLS PIRATED Util – Central Point Software's PC-tools PCBOSS PIRATED Util – Another Dos shell PCED PIRATED Util – Pro CED, DOS command line editor PEII PIRATED Util – IBM Personal Editor II PINCONST PIRATED Game – Pinball Construction Set POOL.ARC PIRATED Game – Same as PC-POOL POPALARM.COM PIRATED Util – Part of POP DOS POPDOS.ARC PIRATED Util – Pop up (resident) dos utilities. PRIME PIRATED Util – Columbia Data Co. hard disk utility. PROKEY PIRATED Util – Prokey macros program PSHIFT PIRATED Util – really MEMORY SHIFT PSRD.ARC PIRATED Util – IBM utility (redirects PrtSc) QDOS PIRATED Util – Quickdos QUCKDOS PIRATED Util – Quickdos QIX PIRATED Game – The game. RACTER PIRATED Game – Racter RASTER-B PIRATED Game – Raster Blaster RIGHTW PIRATED Util – Right Writer (writing style checker) ROBOTRON PIRATED Game – Robotron, hacked to read PUBLIC DOMAIN BY

                                  ATARI.  Don't pirates have any imagination?

ROGUE.EXE PIRATED Game – Game very similar to the PD game HACK.EXE ROMANTIC PIRATED Game – Romantic Encounters at the Dome. Also RE.ARC SEADRAG.ARC PIRATED Game – Sea Dragon SEE PIRATED Misc – DeSmet editor SFX PIRATED Util – really AUTODEX (again!) SM.COM PIRATED Util – Realia's SPACEMAKER utility SMAP PIRATED Util – IBM Internal utility, with the copyright

                                  notice blanked out and real author's name
                                  () replaced by "Dorn W. Stickle".

SPYHUNT PIRATED Game – Spy Hunter Game. STARGATE.EXE PIRATED Game – Hacked to say "PUBLIC DOMAIN BY ATARI,"

                                  but don't you believe it!  Be careful not
                                  to confuse this 57 KB .EXE file with the
                                  public domain STARGATE MERCHANT game, which
                                  is a little 12 KB BASIC program by G. E.
                                  Wolfworth.

STRIPKR PIRATED Game – Strip Poker by Artworx SUPERCAD PIRATED Misc – Easy CAD, a drawing program – LQR file

                                  size is 242,660 bytes

SUPERKEY PIRATED Misc – Superkey macro program TEMPOFAP PIRATED Game – Temple of Apshai THEQUEST.BAS/EXE PIRATED Game – The Quest TIRES.EXE PIRATED Game – Again, really bc's quest for tires TREASURE PIRATED Game – Pirate's Treasure game ULTIII PIRATED Game – Ultima 3 UTILITY PIRATED Util – Norton's Utilities Arced and with the file

                                  names changed.  When run, however, the
                                  programs display the copyright notice of
                                  Peter Norton.  Many other pirated utilities
                                  could also go under the name UTILITY.

VOYAGERI PIRATED Game – (Avalon-Hill Game) VS PIRATED Util – Also INTECH'S DOSMENU WCKARATE PIRATED Game – World Championship karate by Epyx WG-BBALL PIRATED Game – World's Greatest Baseball Game WORSTR PIRATED Util – Word Star, labeled as a 'great new editor' XDIR PIRATED Util – Pre-release version of DOS FILE TRACKER XTREE PIRATED Util – IBM's tree utility, an IBM "Personally

                                  Developed" program.

ZAXXON PIRATED Game – Hacked (sound familiar?) to say "PUBLIC

                                  DOMAIN BY SEGA."  Sorry, Charlie!

MISCELLANEOUS ILLEGAL FILES:

—————————————————————————-

COPYWRIT MISC Patch – Although the real COPYWRITE is going around

                                 Bulletin Boards like fire, there is another
                                 illegal file under the same name.
                                 The former takes around 40 KB ARC-ed,
                                 whereas this takes about 2 KB.
                                 What I'm referring to is an archive of
                                 1-3 files that explains how to remove
                                 the serial numbers from copywrite. Now
                                 it's allright to "unprotect" a program
                                 for backup purposes, but removing serial
                                 numbers can only lead to piracy.

LOCKPICK MISC Text – This is a text file, usually with a

                                 .TXT extension, that casually explains
                                 how to pick locks.  I'm not sure
                                 whether this is illegal, but it's
                                 definitely in poor taste.

MONOPOLY MISC Game – The authors of all monopoly

                                programs are, according to a fairly reliable
                                source, being sued by Parker Brothers over
                                copyright infringements.  These files may
                                become illegal soon, but as of this printing
                                they are still legal.

MOVBASIC MISC Util – This highly illegal file breaks IBM copyright

                                on BASIC and BASICA.  What it does is create
                                new files called SBASIC or SBASICA that run
                                "IBM BASIC" on an IBM clone.  Guys, don't
                                you think that these clones don't run IBM
                                BASICA for a good reason?  The clones
                                don't support BASICA because it's illegal!

XTALK MISC Patch – Like Copywrite, there is a patch circulating

                                 BBS's to remove the serial numbers from
                                 Crosstalk.

Many thanks to generous, continuous update contributions from:

—————————————————————————-

1. THE SOURCE information service.
2. Jim Harrington
3. Jim Golden
4. You?

—————————————————————————-

This is the end of the "bad files list." The rest of this document contains instructions on what to do if YOU run a trojan horse, an update history, a glossary, and information on how and where to contact me with updates.


If you run a trojan horse..

—————————————————————————-

While reading this, bear in mind that there is no better remedy for a drive that has run a trojan horse than a recent backup..

The first thing to do after running what you think to be a trojan horse is diagnose the damage. Was your [hard] drive formatted? Did the trojan scramble your FAT table? Did every file get erased? Did your boot sector on the [hard] drive get erased/formatted? Odds are that the trojan incurred one of these four disasters.. After the initial diagnosis, you are ready to remedy the problem.

  1)  If the trojan low-level formatted your [hard] disk:
       Hope that you have a recent backup; that's the only remedy for
       this disease.
  2)  If the trojan high-level formatted your [hard] disk:
       There is only one way out of this mess, and that is to use the
       MACE+ utilities by Paul Mace.  MACE+ has two devices in it to
       recover formatted disks, and believe me, they work!  I will talk
       more about the MACE+ utilities later.
  3)  If the trojan scrambled your FAT table:
       Once again, there is nothing to do.  However, there is a program
       called FATBACK.COM (available on my board) that will back up your
       FAT table in under a minute to floppy.  Using FATBACK, it is easy
       and non time consuming to back up your FAT regularly.
  4)  If the trojan erased file(s), and the FAT table is undamaged:
       There are many packages to undelete deleted files.  Norton
       Utilities, PC-tools, MACE+, and UNDEL.COM will all do the job.
       I recommend the first three, but they are more expensive than
       the Public Domain program UNDEL.COM.  When you are undeleting,
       be sure to undelete files in the order of last time written to
       disk.  I know that PC-tools automatically lists undeletable
       files in the correct order, but the other three may not.
  5)  If the boot sector on your [hard] disk gets erased/formatted:
       There are four things to do if this happens, and the worst that
       can happen is that you will go without a [hard] disk for a while.
       To be on the safest side, back up everything before even proceeding
       to step "A," although I can not see why it would be necessary.
        A)  Try doing a "SYS C:" (or "SYS A:") from your original DOS disk,
            and copy COMMAND.COM back onto the [hard] drive after that.
            Try booting and if that doesn't work try step B.
        B)  If you have the MACE+ utilities go to the "other utilities"
            section and "restore boot sector."  This should do the job
            if you have been using MACE+ correctly.
        C)  If you are still stuck, BACK EVERYTHING UP and proceed to do a
            low level format.  Instructions on how to perform a low-level
            format should come with your [hard] disk controller card.
            Be sure to map out bad sectors using either SCAV.COM by Chris
            Dunford or by manually entering the locations of bad sectors
            into the low level format program.  After the low level format,
            if your have a hard disk, run FDISK.COM (it comes with DOS)
            and create a DOS partition.  Refer to your DOS manual for help
            in using FDISK.  Then put your original DOS diskette in drive A:
            and do a FORMAT <drive letter>:/S/V.  Drive letter can stand for
            "C" or "B" depending on whether you are reformatting a hard disk
            or not.  Finally you are ready to attempt a reboot.
        D)  If you are still stuck, either employ some professional computer
            repairmen to fix your drive, or live with a non-bootable [hard]
            drive..

By now you may be saying to yourself:

"How can I get a hold of a 'MACE+' utilities package so that I can guard against trojans? Why, MACE+ can recover a formatted drive, undelete files, restore boot sectors, optimize a disk, and provide a disk cache!

Anyone can obtain these marvelous utilities in one of two ways: one is to call up the Paul Mace Software Company ™ and order them at a retail of $ 79.95. The other is place an order for them at the WEST LOS ANGELES PC-STORE, which supports next day UPS shipping! The BBS phone # for the PC-STORE is at the end of this document.


Update History:

—————————————————————————-

  Version 1.0   Plans were drawn up for a "bad file" list and a dozen
                 bad files were entered in the list.
  Version 2.0   Saw the addition of a short introduction and 3
                 more files.  All work up to here was done by Tom Neff.
  Version 3.0   Here Tom Neff and I started collaborating on the Dirty
                 Dozen.  22 files were added, and the introduction
                 was completely re-written.  Version 3.0 had a total of
                 37 files.
  Version 4.0   By this time I totally took over responsibility
                 of the DD, as Tom Neff lost interest.  Another 30 or
                 so files were added to the list, making the DD 65+
                 files strong, as well as a few more additions to the
                 introduction.
  Version 5.0   By the time I released version 5.0 to the public, the Dirty Dozen
                 was being greeted favorably and with enthusiasm
                 around the country.  Updates started coming in with
                 regularity; the list prospered (if one can say that
                 about a list!).  A few more paragraphs were added to
                 the introduction, and about 40 new files were bringing
                 the file total up to 103!
  Version 6.0   The Dirty Dozen is now such a big project that
                 I am now writing it in stages.  Although I am going to
                 make absolutely no effort to spread these "intermediate
                 versions," they will always be downloadable from my board.
                 This way if anyone so desires, they may keep an extremely
                 current issue of the DD, although the changes will only be
                 minor.  You might think of stage "a" of issue #6 as version
                 6.1, stage "b" as version 6.2, stage "c" as version 6.3, etc.
                 New in version 6.0 is the following:
                     A) Many minor revisions,
                     B) 17 more files, bringing the total to 120!
                     C) Two new paragraphs in the introduction,
                     D) Instructions on how to recover from a trojan horse,
                     E) A comprehensive glossary,
                     F) This update history,
                     G) An acknowledgments section set up for major
                          contributors of information regarding new bogusware
                     H) A new bogusware catagory of "miscellaneous
                          illegal software."
  Version 6.0a   MOVBASIC.ARC and SBASICA added to the list of illegal files.
                  as well as six Trojan horses have been added to the list.
  Version 6.0c   NOTROJ.COM added to the trojan horse list.
  Version 6.0d   DOG102A.COM added to the hacked files list.
                  HACKED files separated from TROJAN files
  Version 6.0e   DANCERS.BAS added to the trojans list.
  Version 6.0f   4 pirated files added, + NODISK-A and DMASTER to trojans
  Version 6.0g   NODISK-A removed from trojan horse list & placed into pirated
                  programs list.  Monopoly warning issued in misc section.
                  added a few pirated programs. + DPROTECT added as trojan.
  Version 6.0h   EMMCACHE and TIRED added to trojan list, + PEII added.
  Version 6.0i   Added TOPDOS to Trojan list, and AUTOMAXX to HACKED list.
  Version 6.0j   Added QUICKREF to trojans list.  Revised introduction,
                  and added a paragraph to the intro about modifying the DD.
  Version 6.0k   Moved paragraph about 'I'm not responsible for this
                   list' to the front of the file for legal reasons.
                   Also added the '*' convention for HACKED programs.
  Version 6.0l   Added FINANCE4 as a possible trojan.  Added a few glossary
                   definitions.
  Version 7.0    The major changes in this version took place in the
                 revision stages above.  However, I still changed
                 quite a bit in version 7.0 compared to 6.0 revision
                 stage 'L;' for example, I added seventeen new pirated
                 programs, bringing the file total to a whopping 165!
                 Moreover, I rewrote virtually every paragraph in the dirty
                 dozen in order to 'stylize' (clean up the writing in) the
                 document.  Once again I would like to thank all users who
                 called in updates to the Dirty Dozen; those users are the
                 people that encourage me to keep producing the dirty dozen!

Glossary:

—————————————————————————-

I have intended this glossary at the beginning to intermediate
user; all experienced BBS users will be bored to death with this.

—————————————————————————-

?Q? – (? standing for any character). File extension for SQueezed

              files.  Squeezed files are unusable until unsqueezed by a
              utility such as NUSQ.COM or USQ.COM.  The advantage of a
              SQueezed file is that it is  smaller than a regular UnSQueezed
              file, thus saving disk space and download time.  ARChives are
              more efficient than Squeezed files; that's why there are so
              many more ARChives on BBS's these days.  Example of the
              extensions of SQueezed files:  .EQE, .CQM, .LQR, .TQT,
              .DQC, etc.

ABBRV – abbreviation for the word: "abbreviation" ARC – File extension for an ARChive file – many files combined

              together to save space and download time that require ARC.EXE,
              PKXARC.COM, ARCE.COM, or ARCLS.EXE to separate the
              files in to runnable and readable (in the case of
              text) form.

BAS – abbrv for "BASIC," as in the programming language BBS – abbrv for "Bulletin Board System" BBS's – abbrv for "Bulletin Board Systems" BOARD – Also "Bulletin Board System" BOGUSWARE – software that is damaging to one or more parties BOOT or – to boot a computer is to restart it from scratch, erasing REBOOT all TSR programs. One reboots by either powering

              off and then back on, or pressing ctrl-alt-del at the same time.

BYTES – Bytes measure the length of a file, with one

              byte equaling one character in a file.

CACHE [disk] – Area of memory set aside to hold recent data. All programs

               then read recent data from that memory rather than from disk.

CLUSTER – a phyical block on all [hard] disks, composed of sectors, that

               holds data.

COM – file extension for a file that is executable from DOS level DD – abbrv for "dirty dozen" DOC – abbrv for "documentation" EMS – Enhanced Memory Specification. An EMS card holds 2 MB extra mem. EXE – file extension for a file that is executable from DOS level HACKED – see "definitions" section HIGH LEVEL FORMAT – This type of format is what most computer users view as

              a regular DOS-format.  That is, formatting a disk using
              FORMAT.COM (included with DOS) is a high level format.

IBM – International Business Machines IBM OR COMP – IBM computer or a 99% or greater IBM Compatible computer KB – Abbreviation for "KiloBytes," one Kb equals 1024 bytes LBR – Extension on Library files. Library files are really

              many combined files like ARChives, but they require
              different utilities to extract the individual files.
              Some examples of such utilities are LUU.EXE, LUE.EXE,
              LAR.EXE, AND ZIP.EXE.  See "ARC"

LOW LEVEL FORMAT – This type of format is only executed on a hard disk, therefore

              most hard disk low-level format programs come only with
              a hard disk controller card.  There are a few PD low-level
              formatting packages, though.  Most manufacturers low-level 
              format their hard drives at the factory.  Low level formatting
              is the first step in the three part formatting process; the 
              second step is to use FDISK, and the third is to execute a
              high level format.

MB – abbrv for "Megabytes," or "millions of bytes." MISC – abbrv for "miscellaneous" OPTIMIZE – to make all files on a disk "contiguous," or physically linked

               together on a [hard] drive.

PATCH – a file that is patched (combined) into another file

              to change the original file in some way

PD – abbrv for "Public Domain" PIRATED – see DEFINITIONS section in this issue. RAM – abbrv for "Random Access Memory." (memory used by software) RBBS – abbrv for RBBS-PC, a type of BBS (Remote Bulletin Board System) ROM – abbrv for "Read Only Memory." (memory used by hardware to boot) SYSOP – SYStem OPerator of a BBS *TROJAN* – see DEFINITIONS section in this issue. TROJAN HORSE – see DEFINITIONS section in this issue. TSR – abbv for "Terminate, Stay Resident" Synonym = "Memory Resident" TXT – abbrv for "text" USU – abbrv for "usually" UNP – abbrv for "unprotect" UNPROTECT – an "unprotect file" is a patch file that results in the

              breaking of copy protection (no doubt for back up purposes).

UTIL – abbrv for "utility" WORM – Trojan Horse ZOO – All files compressed with ZOO.EXE bear this file extension.

               ZOO-compressed files are NOT compatible with ARC.EXE.

Finally:

—————————————————————————-

If you have any additions or corrections for this list, send them to Eric Newhouse at any of the following places: (in order of most frequented)

  • The Crest RBBS (213-471-2518) (1200/2400) (80 MB)

[ This is my board ]

  • The West LA PC-STORE (213-559-6954) (300/1200/2400) (50 MB)
  • The Sleepy Hollow PCB (213-859-9334) (300/1200/2400) (108 MB)
  • VOR BBS (415-994-2944) (300/1200/2400) (20 MB)
  • The Source (leave E-mail to "Doctor File Finder" in IBM SIG #4)

Doctor File Finder (Mike Callahan) will relay your name

                and update information to me.

End of file. 

/data/webs/external/dokuwiki/data/pages/archive/bbs/dirtydzn.txt · Last modified: 2002/04/08 23:48 (external edit)